发表新帖
发表新帖

Android, build openssl-fips-2.0

后端 未结
关注
4 1864
耶瑟儿~
耶瑟儿~ 2020-12-12 01:42

Trying to build openssl-fips-2.0 with NDK, before I was lucky found this link and did it easily. https://github.com/guardianproject/openssl-android

Now trying to do

相关标签:
4条回答
  • 旧时难觅i
    2020-12-12 01:53

    f anyone else runs into the same problem I did, the key to getting this to work as described above by brewphone (thanks btw for your insight) is to package the un-stripped libs as content and then copy them to the apps data folder after which the System.load("/data/data/myapp/files/libcrypto.so.1.0.0") and System.load("/data/data/myapp/files/libssl.so.1.0.0") did the trick.

    Interestingly, just changing the makefiles to put the version number before the .so extension caused the fingerprint to fail even though the fips stuff was not touched.

    brewphone, if you managed to do this another way, please let me know :)

    0 讨论(0)
  • 礼貌的吻别
    2020-12-12 01:57

    Why? If you have to modify the build scripts, the resulting module won't be FIPS compliant, and you most certainly need to modify to build on Android.

    0 讨论(0)
  • 长情又很酷
    2020-12-12 01:58

    Thank you Nikolay and brewphone . It would have been great If I found your post earlier. I have managed to build fips-openssl for my phone.I had to add a little awk snippet in the fipsld script to get it working.(openssl-fips-1.2.3)

    brewphone, I have the libcrypto.a and libssl.a from the build and I statically link them to create a library for my application. Is that the best way to do it?

    Thanks!

    0 讨论(0)
  • 闹比i
    2020-12-12 02:08

    How to build OpenSSL FIPS 2.0 on Mac OS X 10.7 with android-ndk-r8

    1. Install JDK, android-sdk, android-ndk

    2. Install GCC on Mac

      Xcode\Preferences\Components\Command Line Tools\install.

    3. Setup environment for build:

      $ANDROID_NDK_HOME is my android-ndk folder
export ANDROID_NDK=$ANDROID_NDK_HOME
export FIPS_SIG=$PWD/util/incore
export PATH="$ANDROID_NDK/toolchains/arm-linux-androideabi-4.4.3/prebuilt/linux-x86/bin":$PATH
export MACHINE=armv7l
export RELEASE=2.6.32.GMU
export SYSTEM=android
export ARCH=arm
export CROSS_COMPILE="arm-linux-androideabi-"
export ANDROID_DEV="$ANDROID_NDK/platforms/android-14/arch-arm/usr" 
export HOSTCC=gcc

    4. build fips openssl module:

      gunzip -c openssl-fips-2.0.tar.gz | tar xf -
cd openssl-fips-2.0/
./config
make
make install # copy files to /usr/local/ssl/

    5. build fips capable openssl library (.a)

      gunzip -c openssl-1.0.1c.tar.gz | tar xf -
cd openssl-1.0.1c/
./config fips --with-fipslibdir=/usr/local/ssl/fips-2.0/lib/ 
make depend
make

    There you go.

    0 讨论(0)
 看不清?
提交回复
热议问题